Running the Elastic Stack on Dockeredit

The Elastic Docker registry contains Docker images for all the products in the Elastic Stack: https://www.docker.elastic.co/.

Run with Docker Composeedit

To get the default distributions of Elasticsearch and Kibana up and running in Docker, you can use Docker Compose.

  1. Create a docker-compose.yml file for the Elastic Stack. The following example brings up a three node cluster and Kibana so you can see how things work. This all-in-one configuration is a handy way to bring up your first dev cluster before you build a distributed deployment with multiple hosts.

    Version 8.0.0 of Elasticsearch has not been released, so the sample compose file is not yet available for this version. See the current version for the latest sample files.

  2. Make sure Docker Engine is allotted at least 4GiB of memory. In Docker Desktop, you configure resource usage on the Advanced tab in Preference (macOS) or Settings (Windows).
  3. Run docker-compose to bring up the three-node Elasticsearch cluster and Kibana:

    docker-compose up
  4. Submit a _cat/nodes request to see that the nodes are up and running:

    curl -X GET "localhost:9200/_cat/nodes?v&pretty"
  5. Open Kibana to load sample data and interact with the cluster: http://localhost:5601.

When you’re done experimenting, you can tear down the containers and volumes by running docker-compose down -v.

Run in Docker with TLS enablededit

If you have a Gold (or higher) subscription and the security features are enabled, you must configure Transport Layer Security (TLS) encryption for the Elasticsearch transport layer. While it is possible to use a trial license without setting up TLS, we advise securing your stack from the start.

To get an Elasticsearch cluster and Kibana up and running in Docker with security enabled, you can use Docker Compose:

  1. Create the following compose and configuration files. These files are also available from the elastic/stack-docs repository on GitHub.

    Version 8.0.0 of Elasticsearch has not been released, so the sample compose and configuration files are not yet available for this version. See the current version for the latest sample files.

    • instances.yml identifies the instances you need to create certificates for.
    • .env sets environment variables to specify the Elasticsearch version and the location where the Elasticsearch certificates will be created.
    • create-certs.yml is a Docker Compose file that launches a container to generate the certificates for Elasticsearch and Kibana.
    • elastic-docker-tls.yml is a Docker Compose file that brings up a three-node Elasticsearch cluster and a Kibana instance with TLS enabled so you can see how things work. This all-in-one configuration is a handy way to bring up your first dev cluster before you build a distributed deployment with multiple hosts.
  2. Make sure Docker Engine is allotted at least 4GiB of memory. In Docker Desktop, you configure resource usage on the Advanced tab in Preference (macOS) or Settings (Windows).
  3. Generate certificates for Elasticsearch by bringing up the create-certs container:

    docker-compose -f create-certs.yml run --rm create_certs
  4. Bring up the three-node Elasticsearch cluster:

    docker-compose -f elastic-docker-tls.yml up -d

    At this point, Kibana cannot connect to the Elasticsearch cluster. You must generate a password for the built-in kibana_system user, update the ELASTICSEARCH_PASSWORD in the compose file, and restart to enable Kibana to communicate with the secured cluster.

  5. Run the elasticsearch-setup-passwords tool to generate passwords for all built-in users, including the kibana_system user. If you don’t use PowerShell on Windows, remove the trailing `\`characters and join the lines before running this command.

    docker exec es01 /bin/bash -c "bin/elasticsearch-setup-passwords \
    auto --batch --url https://es01:9200"

    Make a note of the generated passwords. You must configure the kibana_system user password in the compose file to enable Kibana to connect to Elasticsearch, and you’ll need the password for the elastic superuser to log in to Kibana and submit requests to Elasticsearch.

  6. Set ELASTICSEARCH_PASSWORD in the elastic-docker-tls.yml compose file to the password generated for the kibana_system user.

    Version 8.0.0 of Elasticsearch has not been released, so the sample compose file is not yet available for this version. See the current version for the latest sample files.

  7. Use docker-compose to restart the cluster and Kibana:

    docker-compose stop
    docker-compose -f elastic-docker-tls.yml up -d
  8. Open Kibana to load sample data and interact with the cluster: https://localhost:5601.

    Because SSL is also enabled for communications between Kibana and client browsers, you must access Kibana via the HTTPS protocol.

When you’re done experimenting, you can tear down the containers, network, and volumes by running docker-compose -f elastic-docker-tls.yml down -v.

Loading settings from a fileedit

Specifying settings for Elasticsearch and {Kibana} directly in the compose file is a convenient way to get started, but loading settings from a file is preferable once you get past the experimental stage.

For example, to use es01.yml as the configuration file for the es01 Elasticsearch node, you can create a bind mount in the volumes section.

    volumes:
      - data01:/usr/share/elasticsearch/data
      - certs:$CERTS_DIR
      - ./es01.yml:/usr/share/elasticsearch/config/elasticsearch.yml

Similarly, to load Kibana settings from a file, you overwrite /usr/share/kibana/config/kibana.yml:

    volumes:
      - certs:$CERTS_DIR
      - ./kibana.yml:/usr/share/kibana/config/kibana.yml

Product-specific instructions for Dockeredit

See the product-specific documentation for information about running a specific Elastic product in Docker: